Tychesoftwares Order_delivery_date_for_woocommerce
4 CVEs affecting Tychesoftwares Order_delivery_date_for_woocommerce. Latest disclosed: 2025-07-11. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-2929 | High | 7.1 | 2025-05-20 | The Order Delivery Date WordPress plugin before 12.4.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected C… |
CVE-2023-41874 | High | 7.1 | 2023-09-25 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Tyche Softwares Order Delivery Date for WooCommerce plugin <= 3.20.0 versions. |
CVE-2025-2942 | Medium | 4.3 | 2025-07-11 | The Order Delivery Date WordPress plugin before 12.6.0 discloses arbitrary post title (such as from draft and private posts) via an unauthenticated AJAX action… |
CVE-2023-41858 | Medium | 4.3 | 2023-10-10 | Cross-Site Request Forgery (CSRF) vulnerability in Ashok Rane Order Delivery Date for WP e-Commerce plugin <= 1.2 versions. |